Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 10.0

    HIGH
    CVE-2021-0249

    On SRX Series devices configured with UTM services a buffer overflow vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS may allow an attacker to arbitrarily execute code or commands on the target to take over or otherwise imp... Read more

    Affected Products : junos srx550 srx5600 srx5800 srx1500 srx300 srx320 srx340 srx345 srx380 +4 more products
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2021-0248

    This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an attacker to take over any instance of an NFX deployment. This issue is only exploitable through administra... Read more

    Affected Products : junos nfx250 nfx150 nfx350
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-0247

    A Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization) vulnerability in the firewall process (dfwd) of Juniper Networks Junos OS allows an attacker to bypass the firewall rule sets applied to the input loopback filter ... Read more

    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2021-0246

    On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, devices using tenant services on Juniper Networks Junos OS, due to incorrect default permissions assigned to tenant system administrators a tenant system administrator may inadvertently... Read more

    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2021-0245

    A Use of Hard-coded Credentials vulnerability in Juniper Networks Junos OS on Junos Fusion satellite devices allows an attacker who is local to the device to elevate their privileges and take control of the device. This issue affects: Juniper Networks Jun... Read more

    Affected Products : junos
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2021-0244

    A signal handler race condition exists in the Layer 2 Address Learning Daemon (L2ALD) of Juniper Networks Junos OS due to the absence of a specific protection mechanism to avoid a race condition which may allow an attacker to bypass the storm-control feat... Read more

    Affected Products : junos srx550 srx5600 srx5800 ex2300 ex2300-c ex3400 ex4300 ex4400 ex4600 +13 more products
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 4.7

    MEDIUM
    CVE-2021-0243

    Improper Handling of Unexpected Data in the firewall policer of Juniper Networks Junos OS on EX4300 switches allows matching traffic to exceed set policer limits, possibly leading to a limited Denial of Service (DoS) condition. When the firewall policer d... Read more

    Affected Products : junos ex4300
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-0242

    A vulnerability due to the improper handling of direct memory access (DMA) buffers on EX4300 switches on Juniper Networks Junos OS allows an attacker sending specific unicast frames to trigger a Denial of Service (DoS) condition by exhausting DMA buffers,... Read more

    Affected Products : junos ex4300
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2021-0241

    On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a specific DHCPv6 packet is received, resulting in... Read more

    Affected Products : junos
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2021-0240

    On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, the Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash if a malformed DHCPv6 packet is received, resulting in a restart o... Read more

    Affected Products : junos
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-0239

    In Juniper Networks Junos OS Evolved, receipt of a stream of specific genuine Layer 2 frames may cause the Advanced Forwarding Toolkit (AFT) manager process (Evo-aftmand), responsible for handling Route, Class-of-Service (CoS), Firewall operations within ... Read more

    Affected Products : junos_os_evolved
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2021-0238

    When a MX Series is configured as a Broadband Network Gateway (BNG) based on Layer 2 Tunneling Protocol (L2TP), executing certain CLI command may cause the system to run out of disk space, excessive disk usage may cause other complications. An administrat... Read more

    Affected Products : junos mx10 mx104 mx2010 mx2020 mx40 mx480 mx80 mx960 mx10000 +5 more products
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2021-0237

    On Juniper Networks EX4300-MP Series, EX4600 Series, EX4650 Series, QFX5K Series deployed as a Virtual Chassis with a specific Layer 2 circuit configuration, Packet Forwarding Engine manager (FXPC) process may crash and restart upon receipt of specific la... Read more

    Affected Products : junos ex4300-mp ex4600 ex4650 qfx5100 qfx5200 qfx5110 qfx5120 qfx5210 qfx5220 +1 more products
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-0236

    Due to an improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved the Routing Protocol Daemon (RPD) service, upon receipt of a specific matching BGP packet meeting a specific term in the flowspec configuratio... Read more

    Affected Products : junos junos_os_evolved
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.3

    HIGH
    CVE-2021-0235

    On SRX1500, SRX4100, SRX4200, SRX4600, SRX5000 Series with SPC2/SPC3, vSRX Series devices using tenant services on Juniper Networks Junos OS, due to incorrect permission scheme assigned to tenant system administrators, a tenant system administrator may in... Read more

    Affected Products : junos srx1500 srx4100 srx4200 srx4600 srx5000
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2021-0234

    Due to an improper Initialization vulnerability on Juniper Networks Junos OS QFX5100-96S devices with QFX 5e Series image installed, ddos-protection configuration changes will not take effect beyond the default DDoS (Distributed Denial of Service) setting... Read more

    Affected Products : junos qfx5100-96s
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-0233

    A vulnerability in Juniper Networks Junos OS ACX500 Series, ACX4000 Series, may allow an attacker to cause a Denial of Service (DoS) by sending a high rate of specific packets to the device, resulting in a Forwarding Engine Board (FFEB) crash. Continued r... Read more

    Affected Products : junos acx4000 acx500
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.4

    HIGH
    CVE-2021-0232

    An authentication bypass vulnerability in the Juniper Networks Paragon Active Assurance Control Center may allow an attacker with specific information about the deployment to mimic an already registered Test Agent and access its configuration including as... Read more

    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 6.8

    MEDIUM
    CVE-2021-0231

    A path traversal vulnerability in the Juniper Networks SRX and vSRX Series may allow an authenticated J-web user to read sensitive system files. This issue affects Juniper Networks Junos OS on SRX and vSRX Series: 19.3 versions prior to 19.3R2-S6, 19.3R3-... Read more

    Affected Products : junos srx550 srx5600 srx5800 srx1500 srx300 srx320 srx340 srx345 srx380 +5 more products
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2021-0230

    On Juniper Networks SRX Series devices with link aggregation (lag) configured, executing any operation that fetches Aggregated Ethernet (AE) interface statistics, including but not limited to SNMP GET requests, causes a slow kernel memory leak. If all the... Read more

    Affected Products : junos srx100 srx110 srx210 srx220 srx240 srx550 srx650 srx1400 srx3400 +17 more products
    • Published: Apr. 22, 2021
    • Modified: Nov. 21, 2024
Showing 20 of 294795 Results